<?php
include 'utils.php';
include 'db.php';
/***************************************************************************
 *   Copyright (C) 2008 by Julian Cromarty   *
 *   j.cromarty@uea.ac.uk   *
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
 *   the Free Software Foundation; either version 2 of the License, or     *
 *   (at your option) any later version.                                   *
 *                                                                         *
 *   This program is distributed in the hope that it will be useful,       *
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 *   GNU General Public License for more details.                          *
 *                                                                         *
 *   You should have received a copy of the GNU General Public License     *
 *   along with this program; if not, write to the                         *
 *   Free Software Foundation, Inc.,                                       *
 *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *
 ***************************************************************************/
/**
*
* Class providing functions that update tables in the database to simplify form scripts
*
*@author Julian Cromarty
*/
class editData	{
/**
*
* Class variable to store the database connection
*
*/
	private $db;

/**
*
* Constructor. Creates a connection to the database and stores it in $db
*
*/
	function __construct()	{
		$this->db = new db();
		$this->db->connect();
	}

/**
*
* Checks for errors after executing an SQL statement
*
*@param $stmt The mysqli::statement object that has just been executed
*@param $class String with the classname of the calling function
*@param $func String with the function name of the calling function
*@return 0 on success, 1 otherwise
*/
	private function checkResult($stmt, $class, $func)	{
		if ($stmt->affected_rows > 0)	{
			echo("success\n");
			return 0;
		}
		else	{
			echo "fail: ", $class, "::", $func, "\n";
			echo $stmt->error, "\n";
			return 1;
		}
	}

/**
*
* Function to update the suppliers table
*
* Checks which values have been passed to it for updating and updates only those accordingly
*
*@param $vars Array of data. Should contain only data labeled 'sID', 'sName', 'sPhone', or 'sAddress'
*@return 0 on success, else 1
*/
	function editSupplier($vars)	{
		$class = __CLASS__;
		$func = __FUNCTION__;
		$con = $this->db->getInstance();
		if (!is_integer($vars['sID']))	{
			echo "No row ID given\n";
			return 1;
		}
		if ($vars['sName'] != null)	{
			$stmt = $con->prepare("UPDATE suppliers SET supplier_name=? WHERE supplier_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['sName']), $vars['sID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if ($vars['sPhone'] != null)	{
			$stmt = $con->prepare("UPDATE suppliers SET supplier_phone=? WHERE supplier_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['sPhone']), $vars['sID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if ($vars['sAddress'] != null)	{
			$stmt = $con->prepare("UPDATE suppliers SET supplier_address=? WHERE supplier_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['sAddress']), $vars['sID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}		
		$stmt->close();
		return 0;
	}

/**
*
* Function to update the customers table
*
* Checks which values have been passed to it for updating and updates only those accordingly
*
*@param $vars Array of data. Should contain only data labeled 'cID', 'cName', 'cPhone', 'cEmail' or 'cDonor'
*@return 0 on success, else 1
*/
	function editCustomer($vars)	{
		$class = __CLASS__;
		$func = __FUNCTION__;
		$con = $this->db->getInstance();
		if (!is_integer($vars['cID']))	{
			echo "No row ID given\n";
			return 1;
		}
		if ($vars['cName'] != null)	{
			$stmt = $con->prepare("UPDATE customers SET customer_name=? WHERE customer_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['cName']), $vars['cID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if ($vars['cPhone'] != null)	{
			$stmt = $con->prepare("UPDATE customers SET customer_phone=? WHERE customer_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['cPhone']), $vars['cID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if ($vars['cEmail'] != null)	{
			$stmt = $con->prepare("UPDATE customers SET customer_email=? WHERE customer_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['cEmail']), $vars['cID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if (($vars['cDonor'] != null) && (is_bool($vars['cDonor'])))	{
			$stmt = $con->prepare("UPDATE customers SET donor=? WHERE customer_id = ?");
			$stmt->bind_param('ii', $vars['cDonor'], $vars['cID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		
		$stmt->close();
		return 0;
	}

/**
*
* Function to update the products table
*
* Checks which values have been passed to it for updating and updates only those accordingly
*
*@param $vars Array of data. Should contain only data labeled 'pID', 'pName', 'pPrice', or 'pSupplier'
*@return 0 on success, else 1
*/
	function editProduct($vars)	{
		$class = __CLASS__;
		$func = __FUNCTION__;
		$con = $this->db->getInstance();
		if (!is_integer($vars['pID']))	{
			echo "No row ID given\n";
			return 1;
		}
		if ($vars['pName'] != null)	{
			$stmt = $con->prepare("UPDATE products SET product_name=? WHERE product_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['pName']), $vars['pID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if (($vars['pPrice'] != null) && (is_integer($vars['pPrice'])))	{
			$stmt = $con->prepare("UPDATE products SET product_price=? WHERE product_id = ?");
			$stmt->bind_param('ii', $vars['pPrice'], $vars['pID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if (($vars['pSupplier'] != null) && (is_integer($vars['pSupplier'])))	{
			$stmt = $con->prepare("UPDATE products SET product_supplier=? WHERE product_id = ?");
			$stmt->bind_param('ii', $vars['pSupplier'], $vars['pID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}		
		$stmt->close();
		return 0;
	}

/**
*
* Function to update the customer_orders table
*
* Checks which values have been passed to it for updating and updates only those accordingly
*
*@param $vars Array of data. Should contain only data labeled 'coID', 'coCid', 'coProducts', 'coDate', or 'coPaid'
*@return 0 on success, else 1
*/
	function editCustomerOrder($vars)	{
		$class = __CLASS__;
		$func = __FUNCTION__;
		$con = $this->db->getInstance();
		if (!is_integer($vars['coID']))	{
			echo "No row ID given\n";
			return 1;
		}
		if (($vars['coCid'] != null) && (is_integer($vars['coCid'])))	{
			$stmt = $con->prepare("UPDATE customer_orders SET customer_id=? WHERE order_id = ?");
			$stmt->bind_param('ii', $vars['coCid'], $vars['coID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if ($vars['coProducts'] != null)	{
			$stmt = $con->prepare("UPDATE customer_orders SET products=? WHERE order_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['coProducts']), $vars['coID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if ($vars['coDate'] != null)	{
			$stmt = $con->prepare("UPDATE customer_orders SET order_date=? WHERE order_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['coDate']), $vars['coID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if (($vars['coPaid'] != null) && (is_bool($vars['coPaid'])))	{
			$stmt = $con->prepare("UPDATE customer_orders SET paid=? WHERE order_id = ?");
			$stmt->bind_param('ii', $vars['coPaid'], $vars['coID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}		
		$stmt->close();
		return 0;
	}

/**
*
* Function to update the product_orders table
*
* Checks which values have been passed to it for updating and updates only those accordingly
*
*@param $vars Array of data. Should contain only data labeled 'poID', 'poSupplier', 'poProducts', 'poDate', or 'poPaid'
*@return 0 on success, else 1
*/
	function editProductOrder($vars)	{
		$class = __CLASS__;
		$func = __FUNCTION__;
		$con = $this->db->getInstance();
		if (!is_integer($vars['poID']))	{
			echo "No row ID given\n";
			return 1;
		}
		if (($vars['poSupplier'] != null) && (is_integer($vars['poSupplier'])))	{
			$stmt = $con->prepare("UPDATE product_orders SET supplier=? WHERE porder_id = ?");
			$stmt->bind_param('ii', $vars['poSupplier'], $vars['poID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if ($vars['poProducts'] != null)	{
			$stmt = $con->prepare("UPDATE product_orders SET products_ordered=? WHERE porder_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['poProducts']), $vars['poID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if ($vars['poDate'] != null)	{
			$stmt = $con->prepare("UPDATE product_orders SET order_date=? WHERE porder_id = ?");
			$stmt->bind_param('si', $con->real_escape_string($vars['poDate']), $vars['poID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}
		if (($vars['poPaid'] != null) && (is_bool($vars['poPaid'])))	{
			$stmt = $con->prepare("UPDATE product_orders SET paid=? WHERE porder_id = ?");
			$stmt->bind_param('ii', $vars['poPaid'], $vars['poID']);
			$stmt->execute();
			if (checkResult($stmt, $class, $func) == 1) { return 1; };
		}		
		$stmt->close();
		return 0;
	}
}

/*if(isset($_POST['Submit']))
{
	$table = $_POST['table'];
}*/
/*
$data = new editData();
$vars['sName'] = "fred";
$vars['sPhone'] = 12445756836;
$vars['sAddress'] = "1 the place";
$data->addSupplier($vars);
$vars = null;
$vars['cName'] = "jooles";
$vars['cPhone'] = 1026454656;
$vars['cEmail'] = "jooles@jooles.com";
$vars['cDonor'] = true;
$data->addCustomer($vars);
$vars = null;
$vars['pName'] = "carrot";
$vars['pPrice'] = 10;
$vars['pSupplier'] = 53;
$data->addProduct($vars);
$vars = null;
$vars['coCustomerId'] = 7;
$vars['coProducts'] = "1";
$vars['coDate'] = "2008-10-30";
$vars['coPaid'] = true;
$data->addCustomerOrder($vars);
$data = null;
*/
?>
